Platform
php
Component
wegia
Fixed in
3.6.10
CVE-2026-35399 is a stored Cross-Site Scripting (XSS) vulnerability affecting WeGIA, a web manager for charitable institutions. An attacker can inject malicious scripts through a backup filename, potentially leading to unauthorized code execution within a user's browser and compromising sensitive data. This vulnerability impacts versions 3.6.0 through 3.6.8, but has been resolved in version 3.6.9.
CVE-2026-35399 affects WeGIA, a web manager for charitable institutions. The flaw is a stored XSS: an attacker who can set a backup filename can embed a script in it, and that script runs in the browser of any user who later opens the page where the filename is rendered. Because the payload executes inside the victim's authenticated session, it can read whatever the victim can read and perform actions on the victim's behalf; if the victim is an administrator, that reach extends to every account and record in the installation. Organisations that use WeGIA to manage donor or beneficiary data should treat this as a priority: the realistic outcomes are session compromise, exposure of personal data, and tampering with the information the institution relies on.
The vulnerability is exploited by placing script or HTML in a backup filename. Because the payload is stored together with the filename, the application itself delivers it: the script executes in the browser of any user who views a page that renders that filename, such as the backup listing, with no phishing link or separately distributed file required. The attacker needs enough access to influence a filename through the backup management feature; the impact then scales with the privileges of the users who view the listing, so an administrator opening it is the most damaging case. The root cause is inadequate validation of the filename when it is accepted and a missing output-encoding step when it is rendered into HTML.
Exploit Status
EPSS
0.04% (11th percentile)
CISA SSVC
The fix for CVE-2026-35399 is to update WeGIA to version 3.6.9 or later; the update corrects the stored XSS by validating backup filenames and handling them safely on output. Until the update is applied: restrict the backup functionality to the smallest set of trusted users, inspect the existing backup filenames for markup or script fragments and remove any that contain them, and monitor the system for suspicious activity. A Content Security Policy that disallows inline script reduces what a successful injection can do but is not a substitute for the fix. Robust password policies and two-factor authentication make it harder for an attacker to obtain the access needed to create a backup in the first place, although they do nothing once a payload is stored. Educating users about XSS and phishing, and running regular security audits and penetration tests, help surface similar issues elsewhere.
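The following is an added example, not WeGIA's own code, that illustrates the mechanism described in the exploitation section and the two controls the fix depends on: a listing that echoes a stored filename straight into HTML, beside a hardened version that encodes on output and validates on input. All function names, the listing markup and the sample filenames are hypothetical (the payload string is constructed for the demonstration); the real WeGIA templates and storage differ. It assumes PHP 8.0 or later for `str_contains`.

```php
<?php
// Added example (not WeGIA's code): stored XSS through a backup filename,
// shown as a vulnerable renderer beside a hardened one. Names are hypothetical.
declare(strict_types=1);

// Constructed sample of names as a backup module might store them.
// The last entry carries an XSS payload instead of a real filename.
const SAMPLE_NAMES = [
    'backup_2026-03-01.sql.gz',
    'wegia-db-2026-03-02.zip',
    '<img src=x onerror=alert(document.cookie)>.sql',
];

// VULNERABLE (kept deliberately so): the stored name is interpolated into the
// listing markup unchanged, in both an element body and an attribute, so any
// user who opens the backup page executes whatever the name contains.
function renderBackupRowVulnerable(string $name): string
{
    return "<tr><td>$name</td>"
         . "<td><a href=\"download.php?file=$name\">download</a></td></tr>";
}

// Control 1, output encoding: escape for the HTML text context and, for the
// link, URL-encode the value and then escape the attribute. Encoding belongs
// at the sink, so it protects even names stored before validation existed.
function renderBackupRowSafe(string $name): string
{
    $text     = htmlspecialchars($name, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $href     = 'download.php?file=' . rawurlencode($name);
    $hrefAttr = htmlspecialchars($href, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<tr><td>$text</td>"
         . "<td><a href=\"$hrefAttr\">download</a></td></tr>";
}

// Control 2, input validation at the point the name is first accepted: a
// backup name never needs markup characters, so allow-list a plain shape and
// reject everything else instead of trying to "clean" it. The extra check
// keeps '..' out even though the character class would otherwise permit it.
function isValidBackupName(string $name): bool
{
    return (bool) preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]{0,127}\z/', $name)
        && !str_contains($name, '..');
}

// For the demonstration only: did the sample payload's tag reach the output
// as a real tag? The hardened renderer turns it into '&lt;img' and '%3Cimg'.
function payloadTagSurvives(string $html): bool
{
    return str_contains($html, '<img');
}

foreach (SAMPLE_NAMES as $name) {
    printf("%s\n", $name);
    printf("  accepted by allow-list:        %s\n", isValidBackupName($name) ? 'yes' : 'no');
    printf("  vulnerable render runs payload: %s\n", payloadTagSurvives(renderBackupRowVulnerable($name)) ? 'yes' : 'no');
    printf("  hardened render runs payload:   %s\n", payloadTagSurvives(renderBackupRowSafe($name)) ? 'yes' : 'no');
}
```

Run it with `php` from the command line. The two controls are independent: validation stops new payloads from being stored, while output encoding neutralises names that are already stored or that arrive through a path the validator does not cover, which is why a fix should include both.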
Update the WeGIA module to version 3.6.9 or later to mitigate the stored XSS vulnerability. This update corrects how backup filenames are handled, preventing the injection of malicious scripts. Make sure to back up your database before updating.
Stored XSS (Cross-Site Scripting) is a security vulnerability in which attacker-supplied input is saved by the application and later rendered into a page without encoding, so the embedded script executes in the browser of every user who views that page.
If you are using a version of WeGIA prior to 3.6.9 (the advisory lists 3.6.0 through 3.6.8 as affected), you are vulnerable. Check your installed version and update as soon as possible.
If you suspect a payload has already executed, invalidate all active sessions and change the passwords of affected accounts, review the backup list and your data for changes you did not make, remove or rename any backup whose filename contains markup, and notify your security provider.
Web vulnerability scanners that submit payloads and then re-crawl the application can detect stored XSS; a direct check for this issue is to inspect the stored backup filenames for HTML or script characters. Consult your security provider for recommendations.
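As a concrete form of that direct check, here is an added example (not WeGIA's code) that audits a backup directory offline and reports every filename falling outside a conservative allow-list, which is how an already-stored payload shows up. The directory layout, the sandbox it builds and the sample filenames are constructed for the demonstration; point `$dir` at the backup folder of your own installation, and apply the same test to any database column in which the application stores backup names. It assumes a POSIX filesystem, since the sample payload name cannot be created on Windows.

```php
<?php
// Added example (not WeGIA's code): find stored backup names that contain
// characters a legitimate backup name never needs. Paths are hypothetical.
declare(strict_types=1);

// Returns one entry per suspicious name: the raw name and its hex form,
// so a finding can be reported without re-rendering the payload anywhere.
function suspiciousBackupNames(string $dir): array
{
    $allowed = '/\A[A-Za-z0-9][A-Za-z0-9._-]{0,127}\z/';
    $hits = [];
    foreach (scandir($dir) as $entry) {
        if ($entry === '.' || $entry === '..') {
            continue;
        }
        if (!preg_match($allowed, $entry)) {
            $hits[] = ['name' => $entry, 'hex' => bin2hex($entry)];
        }
    }
    return $hits;
}

// Constructed sandbox: a temporary directory holding two ordinary backups and
// one name carrying markup, created only so the audit has something to find.
$dir = sys_get_temp_dir() . '/wegia-backup-audit-' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
foreach (['backup_2026-03-01.sql.gz', 'db-2026-03-02.zip', '<svg onload=alert(1)>.sql'] as $n) {
    touch("$dir/$n");
}

$hits = suspiciousBackupNames($dir);
printf("%d suspicious name(s) in %s\n", count($hits), $dir);
foreach ($hits as $hit) {
    // Control characters are escaped so the report is safe to paste into a terminal.
    printf("  %s (hex %s)\n", addcslashes($hit['name'], "\0..\37\177"), $hit['hex']);
}

// Remove the sandbox again.
foreach (scandir($dir) as $e) {
    if ($e !== '.' && $e !== '..') {
        unlink("$dir/$e");
    }
}
rmdir($dir);
```

A name that fails this check is not proof of compromise (an operator may simply have used spaces or accents), but every name that does contain `<`, `>`, quotes or an `on…=` fragment should be treated as an indicator and removed before anyone opens the listing page in an unpatched version.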
Implement robust password policies, enable two-factor authentication, and educate your users about web security risks; these limit who can reach the backup feature but do not replace the update.